After 6 login attempt, web agent returns error 500

Document ID : KB000117185
Last Modified Date : 09/10/2018
Show Technical Document Details
Issue:
We're running Web Agent and have configured password policies, so 
that after 6 wrong password login attempts, then the user should get 
a page saying that the account is locked. Instead, the browser 
receives error 500. 

How can we fix this ?
Cause:
The custom login.fcc has @smretries parameter. 

login.fcc 

@smretries=6 

The Web Agent fails to process completely the request because of the 
missing .unauth file. 

smps.log :

1. [31633/3816777472][Thu Sep 27 2018 
   14:48:11][CSmFormTemplateObj.cpp:226][ERROR][sm-HTTPAgent-00370] 
   Error opening form template 
   '/opt/CA/webagent/samples/forms/login.unauth': 
   No such file or directory. 
2. [31633/3816777472][Thu Sep 27 2018 
   14:48:11][CSmResponseManager.cpp:222][ERROR][sm-AgentFramework-00460] 
   HLA: Analyzer from module 'SM_WAF_HTTP_PLUGIN' returned unknown 
   response code '-1' for component 'Response Manager'. 

As the login.fcc uses smretries, then you should define a .unauth 
page. 

  Authentication and a Centralized Login Server 

  Stand–Alone Login Page 

  In this use case, CA Single Sign-On directs users to a stand–alone 
  login page when they request a protected resource. Specifically: 

  The login FCC file is configured with an @directive (@smretries) to 
  redirect users to a failed authentication page (login.unauth) after 
  two failed authentication attempts. 

  https://docops.ca.com/ca-single-sign-on/12-52-sp1/en/implementing/implementing-ca-single-sign-on/authentication-and-a-centralized-login-server 
 
Resolution:
- Check how to configure the login.unauth following the tips from this page : 

  Tech Tip : CA Single Sign-On : Display a Message in FCC After a Wrong Login Attempt 
  https://communities.ca.com/docs/DOC-231183210-tech-tip-ca-single-sign-on-display-a-message-in-fcc-after-a-wrong-login-attempt